using System.IdentityModel.Claims;
using System.IdentityModel.Policy;
using System.Security.Principal;

namespace DemoLib.Service.Web
{
    public class AuthorizationPolicy : IAuthorizationPolicy {
        // called after the authentication stage
        public bool Evaluate(EvaluationContext evaluationContext, 
                             ref object state) {
            // get the authenticated client identity from the evaluation context
            IIdentity client = GetClientIdentity(evaluationContext);

            // set the custom principal
            evaluationContext.Properties["Principal"] = new CustomPrincipal(client);

            return true;
                             }

        public ClaimSet Issuer { get; private set; }

        private IIdentity GetClientIdentity(EvaluationContext evaluationContext)
        {
            throw new System.NotImplementedException();
        }

        // rest omitted

        #region Implementation of IAuthorizationComponent

        public string Id { get; private set; }

        #endregion
    }
}